from rest_framework import permissions


class IsOwnerReadOnly(permissions.BasePermission):
    """自定义权限，只允许所有者编辑"""

    def has_object_permission(self, request, view, obj):  # 方法重写
        """允许GET、HEAD、OPTIONS"""
        if request.method in permissions.SAFE_METHODS:  # SAFE_METHODS = ('GET', 'HEAD', 'OPTIONS')
            return True
        return obj.teacher == request.user
